Background

In that page there’s a long list of the software that will be installed, which are all Visual Studio components.

What happened

What came as a complete surprise to me is that it also installed an extension in Firefox, mentioned nowhere in the documentation and not as an optional install in the installer. Ok, bad and annoying enough, but things were about to get worse…

Trying to uninstall it from the Add-ons menu (Tools > Add-ons in Firefox), the Uninstall button is disabled! Yes, my dear developers, Microsoft has actually and intentionally made it impossible to uninstall it!

Such behavior and thinking goes completely opposite to the nature of the web, and it’s definitely not the stance of any other Firefox extension – or any software whatsoever, actually! No developer in his or her right mind would do this to an end user, so I’m sure it’s some “clever” middle management guy who thought this up…

How to remove it

Against what many people think, though, it can be uninstalled – but by nothing less than hacking the actual registry of Windows! Open your Start Menu and choose Run. Type in regedit and press enter/click OK. Within there, you have to look for something called HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions and delete the key there (for Windows Vista 64-bit HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions).

When you have done that, type in about:config in the address bar in Firefox, accept the warning and then remove general.useragent.extra.microsoftdotnet and microsoft.CLR.clickonce.autolaunch.

And, to finish it off, open Windows Explorer and go to \WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ to remove the last remnants of the evil extension.

BAD Microsoft

Microsoft, this is just not how to do things. Just since your own web browser is so hard to extend, don’t mess up good competing products – fix your own shit. And seeing that this problem has been around since last August just makes me even more mad, because Microsoft doesn’t lift a finger to even offer a single option to avoid this.

This is a much wider issue that must be addressed. As Ants points out, when you install iTunes or Quicktime, you don't just install the core software, you also install lots of other little software too. Sounds like spyware to me.

This is one of the reasons why I switched to Chrome because it's fast and it isn't littered with plugins. (Plus it uses Webkit)

I just had a MS update and the first time I started FF I got a notication that there was a new add-on installed. WTF where my thoughts when I learned it was a MS add-on I hadn't asked for. Thankfully, when I googled the add-on I came to this website!

I went through all the steps, but when I wanted to delete the two entries in about:config I didn't know how. I googled it and learned something about the "prefs" file. But I can't seem to open it.

So my question to you guys is, how do I remove the entries in about:config?

Dot.NET Framework has been installing this plugin for a while. It allows WPF content to run in the browser, as it is intended to.

The reason it can't be uninstalled is because it is installed for all users, and Firefox doesn't currently provide functionality to elevate privilege in order to uninstall plugins/extensions installed this way. Offending plugins/extensions can still be disabled, preventing them from loading.

Microsoft/Dot.NET framework is far from the only thing that does this: currently I see "force-installed extensions" from Adobe, Google, Sun, Apple, Nokia and Skype that "can't be uninstalled".

I have installed 2008 on many machines, and just recently, to see if your claims can be verified. They can not.

I love Firefox, I use it 99.9% of the time.

Please, check your stupid settings and verify your claims before you start spreading the worked that Microsoft is doing something it should not. Its because of people like you that software company's and products have a bad name. You people dont go into the trouble of making sure this is what happened.

Anyways, thanks for the bad publicity for a great product.

Good Bloggers VERIFY resources before publishing. If I told you the ocean just evaporated, would you post a breaking news before asking someone else?

Hang on – let me see if I've got this right – because you fail to say what this extension does… MS have an FF add-on which allows the launching of ClickOnce apps from Firefox (Something it is not capable of doing otherwise). Is that right?

You, for some reason, seem to think that they shouldn't do this.

WHY THE FUCK NOT?

I admit it is fucking retarded to not ask whether to install it, and almost criminal to not allow it to be uninstalled – but let's get this one thing straight:

BEING ABLE TO LAUNCH CLICKONCE APPS WITHOUT STARTING IE IS FUCKING BRILLIANT IDEA.

There's something flawed in Firefox's extension system. What the hell are any extension-related files or settings outside of the Firefox profile? What are all those registry keys doing there, especially for a multi-platform software?

It seems to me that Firefox should see an extension that it can't uninstall as flawed, and completely ignore it.

And to those who think that extension is a good idea: contrary to Internet Explorer, Firefox is (originally) based on the idea that security is important. That's why I can use it to surf the web. If the security is lowered, even to improve usability, Firefox is basically rendered useless, since you can't use it anymore on the web.

RealPlayer (tagline: Free Toxic Sludge for your Registry) is another app that does this. I had to download it recently in order to watch some videos on a new client's site. I've had issues with RealPlayer in the past and already loathed it with the intensity of a hundred thousand suns, but I was still astonished to discover that it's actually gotten worse.

It also force-installs a Firefox plugin and does that same trick of disabling the Uninstall button, whilst also helpfully slowing Firefox to a mind-numbing crawl.

You installed DEVELOPMENT tool that in turn installed Firefox plugin needed for testing your clickonce deployment. I don't know why it was surprise for you (I knew that before installation, but I win dev and often read msdn), but it's ok – MS did not annotate this install correctly. Good. BUT. Once again, the target is developers! Aren't they supposed to be, well, not that childish?

Now, Apple installs its plugin silently, with a CONSUMER product. To children, grandmas and marketing people.

It seems to be so unbelievable that windows update pushes a firefox extension, that's sound more like a fantasy than anything else …

Anyways, if you don't like the behaviour of this plateform (MS-windows) you have at least 3 or 4 other plateforms (yes among them, there's linux – since nobody so far had to courage to say it) to choose from. Oh and you will be able to use firefox safely too with them.

I had it, and I do not have, nor have I ever had any copy of Visual Studio.
As far as I can tell, it comes with the .NET framework runtime. Hurrah.
Some people don’t want scripts run in their browser. Some people block Java. Flash. Whatever else.
And then comes Microsoft, and installs this, which allows to run ClickOnce applications to be run in your browser. Without telling you.
Just… WTF??

Dramatic much? When an outside application installs an add-on, it is very common that it can not be uninstalled. I've seen this plenty of times. As someone else said, it is because of the way they set up the user model. How about when iTunes installs Safari? Or Google doesn't allow you to remove exceptions to the problem reporter? Or Chrome installs in a totally crazy user area? Yeah, this stuff happens.

This is getting silly. If you all are running Firefox on a machine that can run the Microsoft flavour of the .NET framework (rather than Mono), you are running Windows. If there is a permissions issue – which is why the extension is greyed out – odds are either (a) Firefox has a severe issue with how it handles add-ons, but luckily it is open source, so all of you clever developers can fix it, or (b) you can just context-menu > Run As Administrator, which should give Firefox any permissions it needs to play with the registry.

Microsoft seems to, for once, actually be paying attention to the user not running their stack; while a great many of you know how to install an extension for all users on a system, Joe Public probably does not. "Where do I drive to find this Registry?" However, Joe Public probably wants to run those nifty applications without worrying about opening a different browser. This is a solution for Joe Public.

Finally, @IANAL, given that you installed .NET on your machine – and presumably gave consent somehow, e.g. "Automatically install updates for me," or "I agree" at the installer, you gave consent for all of the components of the .NET runtime to be installed – which includes this little extension to Firefox.

For all those MS apologists, please explain why the user agent needs to be modified so that every web site I visit after update force feeds this extension on me knows about a new vector of attack they can make on my machine?

After that explain why, when the extension is disabled, is the user agent still advertising it?

Face it, that other companies do the same is no excuse for MS. Convicted monopolists have special responsibilities regardless.

I halfway expect the Java installer to put something into my setup, including possibly my extensions. I mean, that's one big reason I download the JRE in the first place. I imagine the extension in Firefox (along with the plugin) gets removed should I remove the JRE (though I haven't yet had reason to remove a JRE).

As for Skype, I've added and removed it on several occasions, and it even asks you if you want to add the extension to your browser. I answered in the affirmative. And when I uninstall it, the extension also gets uninstalled.

This is fine. I can handle these.

The topic of debate here is not the usefulness or even the merits of the .NET Assistant. It's the fact that it managed to get onto our systems with neither our knowledge nor consent.

What Microsoft did was reprehensible. Not once did I see something that said, "We're going to install this extension into Firefox," nor did I see anything that said, "You can remove this extension by doing this" or "You can choose whether or not to add this extension." This happened when I installed .NET 3.5 on an XP machine and ran Windows Update on my Vista laptop. Had I been asked, I MIGHT have said "yes". Going into it unenlightened and without a request for my consent, not providing an uninstaller adds insult to injury.

Furthermore, "automatic updates" should not mean "new features". It should mean just what it means. This was not an update. This was a new feature, which we should be told about when this gets installed, like whenever I install a service pack into Windows.

Summary:

I install the JRE because I want the Java plugin and having the extension there. So I installed it with the expectation of having stuff put in my browser. That is OK because I wanted it and as such, it was expected. If anything, I'd be more upset if it was NOT registering in my browser.

I install Skype which gives me the option of installing an extension to the browser. As such, I reward Skype for asking my consent by granting it. And it uninstalls when the main application is uninstalled. This is OK because it asked me for consent and removes itself when the main application is removed.

I install .NET 3.5 and any updates. The .NET assistant gets installed with no indication during this process. Neither am I asked whether I want it. About the only "orthodox" way to remove this is to uninstall .NET 3.5 on an XP machine. This is not an option on a Vista machine. So we have to resort to this procedure this site's owner has graciously documented for the public at large. This is NOT OK because the user is neither informed about nor asked whether he wants the extension installed and gives no formal way to remove just the extension without removing the underlying framework if it gets installed.

We can only hope that Microsoft gets a clue. In the US for its monopolistic activities, it's getting little more than a slap on the wrist, while it's looking more like a pillorying in Europe, if not worse.

Although this is bad of Microsoft, I witsh Mozilla would put something in Firefox that makes so each addon has to be confirmed by the user. That would stop loads of badware. Though with Firefox being open source I'm not sure how they could do this. Any ideas?

I agree, it would be great to have the option whether to accept installed extension, at least those that aren't already installed within Firefox (because in that case, you do confirm the installs), but rather those installed through other means.

when you install Java, it silently and secretively installs a Java Console extension into Firefox. the extension doesn't even appear in Firefox's list of extensions. they disable its uninstallation as well. you can show and uninstall it by closing Firefox, then editing the appropriate install.rdf file, and changing the value of "Hidden" in there from "true" to "false".

there's a similar and easier way to remove the .NET extension as well, but i'm sick of typing.

After installing Google Chrome, try going to google.com/chrome and hitting the download link, whereupon you will see GoogleUpdate.exe do whatever it likes to your computer, including installing anything it wants to install. Now, sure, ATM it will probably just check for Google Chrome and not install anything else, but there's no stopping Google from doing anything nefarious in the future… and that isn't the only concern â€” the right kind of security fowl up and the entire GoogleUpdate system could be someone's gateway into your box; and Google is no stranger to big-time fowl ups, either.

Good news people, MS is working on a solution which will allow each user on the PC to uninstall the extension for themselves. Basically, it sounds like they are going to enable to Uninstall button in the Add-ons window in FF.

We all know that every advanced user Will not use M$ browser unless forced to.

But what dous this really mean?!.

It means M$ is going after the WEEK users who don't know how to defend themselves.

so M$ wants to cash in on the WHOLE cut of the spying to advertise you market all while hitting its main competition Mozilla Firefox Browser with its security flaws while releasing its new browser?!!! WTF?!?! I don't think M$ paid enough to the EU every time it was sued, Charging them 10 times more should put a stop to this, This should have them rethink of all the individuals they are really hurting.

Microsoft has a long history of patent infringement and trampling its competition all over the world, so who's it gonna be? you gona issue me a refund?! because If I cant maintain my own security then I should trust M$?!?!?! pff pleaase I WANT A REFUND.

As IT manager for large org I install FF on the images because I want my users to run a web browser that can't install software. In the past I've defended MS but with this they have lost what trust they had with me. Truly disappointing, I would have expected this from MS circa 1990, I thought they were changing, guess not. I haven't cheered the large EU settlements against MS but I hope they screw them on this one. And no it's not ok that Sun and Apple do the same thing but pointing out other's bad behavior doesn't excuse yours.

I got this junk from Windows after a fresh install of Vista and installing "high priority UPDATES"

Since when do UPDATES (patches, security fixes, whatever you call them) add features? Microsoft will never learn… such as the "critical update" on Windows XP called Genuine Advantage Notifications. How is that a high-priority security fix?

A lot of people contributing to this thread are asking why they should disable .NET Framework Assistant? What harm is it causing Firefox. Well here is a possible answer. And Firefox today automatically disabled .NFA and WPF!

Guess What??? They also installed a GUID generator when I installed Visual Studio. There was no place in the installer that said it was going to do that. OH NOOOO. Now I got another free piece of software that I will use all the time. Quit Crying and thank Microsoft for giving you something extra . It's not spyware.

It is a part of the .NET Framework. You downloaded and installed the .NET Framework or a product that you knew included the .NET Framework (VS). Is the installation supposed to ask you about every one of the thousands of files installed.

For most people, the whole point of installing Java is to be able to run Java on Web sites. We want those extensions in our browsers.

MS installs this crap via Updates on every machine I work on with FF, none of which have VS 2008 or any other dev. tools installed. And who wants it? When I need to interact with the evil overlord or one of its affiliates I will use IE… better yet I will find their competition instead and keep using FF.

Not asking to install is pure rubbish, and several MS products and Apple products do these kinds of things. I think they can both go stuff themselves!